Histórico de auditoria
allaymc-plugin-dev - 6 auditorias
Versão da auditoria 6
Mais recente Baixo RiscoJun 28, 2026, 09:19 AM
Static analysis reported many high-risk patterns, but manual review found they come from LGPL license prose, Markdown code formatting, and legitimate git or Gradle workflow examples. No prompt injection, credential access, data exfiltration, obfuscated code, or malicious network behavior was found in LICENSE, README.md, or SKILL.md. The skill is low risk because it can guide users or agents to run standard development commands and read local reference paths.
Static false positives ignored (4)
These static matches were dismissed by semantic review or matched schema-only tokens, so they are shown for transparency but do not drive the quality score.
Fatores de risco
⚙️ Comandos externos (4)
📁 Acesso ao sistema de arquivos (3)
Versão da auditoria 5
SeguroJan 16, 2026, 03:04 PM
This is a prompt-only documentation skill containing guidance for AllayMC plugin development. No executable code, scripts, network operations, or file system access beyond the skill's own directory. Static findings are false positives triggered by markdown documentation patterns (backticks in code blocks) and LGPL-2.1 license legal text. The skill reads reference materials via user-initialized git submodules.
Fatores de risco
⚙️ Comandos externos (67)
📁 Acesso ao sistema de arquivos (3)
Versão da auditoria 4
SeguroJan 16, 2026, 03:04 PM
This is a prompt-only documentation skill containing guidance for AllayMC plugin development. No executable code, scripts, network operations, or file system access beyond the skill's own directory. Static findings are false positives triggered by markdown documentation patterns (backticks in code blocks) and LGPL-2.1 license legal text. The skill reads reference materials via user-initialized git submodules.
Fatores de risco
⚙️ Comandos externos (67)
📁 Acesso ao sistema de arquivos (3)
Versão da auditoria 3
SeguroJan 10, 2026, 10:15 AM
This is a prompt-only skill containing documentation and guidance for AllayMC plugin development. No executable code, scripts, network operations, or file system access beyond the skill's own directory. References external git submodules that are initialized by the user.
Versão da auditoria 2
SeguroJan 10, 2026, 10:15 AM
This is a prompt-only skill containing documentation and guidance for AllayMC plugin development. No executable code, scripts, network operations, or file system access beyond the skill's own directory. References external git submodules that are initialized by the user.
Versão da auditoria 1
SeguroJan 10, 2026, 10:15 AM
This is a prompt-only skill containing documentation and guidance for AllayMC plugin development. No executable code, scripts, network operations, or file system access beyond the skill's own directory. References external git submodules that are initialized by the user.